Last active
November 28, 2025 15:33
Script for Cisco WebAuth transparent proxy login
#!/usr/bin/env bash
# Cisco WebAuth transparent proxy login: fetches the portal page, then posts
# the RSA username together with PIN + token.
#
# Strict mode: -e aborts on an unhandled failure, -u rejects unset variables,
# pipefail makes a pipeline fail when any stage fails, and -E lets an ERR trap
# (if one is ever installed) apply inside functions too.
set -E -e -u -o pipefail

# Filled in from the -s and -u command-line options.
AUTH_SERVER_URL=
RSAUSER=
# Print the command-line help on stdout and terminate with status 1.
# The same path is taken for -h and for any option error.
usage() {
  printf '%s\n' \
    "Usage: $0 -s <auth_server_url> -u <username>" \
    "" \
    "Options:" \
    " -s Authentication server URL (e.g. https://cisco-server)" \
    " -u RSA username" \
    " -h Show this help"
  exit 1
}
# Parse -s / -u / -h. The leading ':' in the option string selects getopts'
# silent mode, so an unknown flag or a missing argument lands in the catch-all
# arm and shows the help instead of a getopts diagnostic.
while getopts ":s:u:h" flag; do
  case "$flag" in
    s)
      AUTH_SERVER_URL="$OPTARG"
      ;;
    u)
      RSAUSER="$OPTARG"
      ;;
    h | *)
      usage
      ;;
  esac
done
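# Validation: both options are mandatory. Diagnostics go to stderr so they do
# not mix with the regular progress output.
if [[ -z "${AUTH_SERVER_URL}" ]]; then
  echo "Missing -s (server URL)" >&2
  usage
fi
if [[ -z "$RSAUSER" ]]; then
  echo "Missing -u (username)" >&2
  usage
fi

# Optional sanity checks (warnings only, the run continues).
if [[ "$AUTH_SERVER_URL" != http* ]]; then
  echo "[WARNING] Server URL does not start with http/https: $AUTH_SERVER_URL" >&2
elif [[ "$AUTH_SERVER_URL" == http://* ]]; then
  # The 'http*' test also accepts plain http://, where the PIN and token
  # cross the network in cleartext; say so before any credential is typed.
  echo "[WARNING] Plain http:// URL: PIN and token will be sent unencrypted" >&2
fi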
# ---- helpers ----
# Report a fatal problem on stderr, prefixed with [ERROR], and stop the script
# with status 1. All arguments are joined into one message.
error() {
  printf '[ERROR] %s\n' "$*" >&2
  exit 1
}
# Abort through error() unless the command named in $1 can be found by the shell.
require() {
  if ! command -v "$1" >/dev/null 2>&1; then
    error "Missing dependency: $1"
  fi
}
# ---- prerequisites ----
# Stop early if one of the external tools checked here is not installed.
for tool in curl grep; do
  require "$tool"
done
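# ---- get au_pxytimetag ----
echo "[*] Fetching login page..."
# NOTE(review): -k turns off TLS certificate verification, so nothing proves
# that the host answering here is the real portal before the PIN and token are
# posted to the same URL. If the portal's CA certificate is available, curl's
# --cacert is the safer choice.
login_page=$(curl -k -sS --fail "${AUTH_SERVER_URL}") \
  || error "Failed to connect to ${AUTH_SERVER_URL}"

# Pull the numeric au_pxytimetag value out of the login form.
# '|| true' is required: with 'set -e' and pipefail, a grep that finds no match
# would otherwise end the script silently right here, and the explicit error
# message below could never be printed.
au_pxytimetag=$(grep -oP '(?<=name=au_pxytimetag value=")(\d+)(?=")' <<<"$login_page" \
  | head -n1) || true
if [[ -z "$au_pxytimetag" ]]; then
  error "Could not extract au_pxytimetag"
fi
echo "[*] au_pxytimetag: $au_pxytimetag"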
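# ---- input ----
# -s keeps the secrets off the screen; -r stops read from treating a backslash
# in the PIN or token as an escape character. A failed read (for example EOF on
# stdin) is reported instead of letting 'set -e' end the script without a word.
read -r -s -p "RSA token PIN: " rsapin || error "Could not read PIN"
echo
read -r -s -p "RSA token: " rsatoken || error "Could not read token"
echo
if [[ -z "$rsapin" || -z "$rsatoken" ]]; then
  error "PIN or token is empty"
fi
# The portal receives PIN and token concatenated as one password value.
password="${rsapin}${rsatoken}"
# The separate parts are not needed past this point.
unset rsapin rsatoken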
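# ---- send auth request ----
echo "[*] Sending authentication request..."
# Each field is URL-encoded by curl, so a '&', '=', '+' or '%' in the username
# or PIN can neither corrupt the form body nor add extra parameters to it.
# The password is fed through stdin ('pwd@-'): printf is a shell builtin, so
# the PIN + token never show up in a process argument list.
# NOTE(review): -k disables TLS certificate verification; the credentials go to
# whichever host answers at this URL. Prefer --cacert with the portal's CA.
response=$(printf '%s' "$password" | curl -k -sS --fail -X POST \
    -H "Content-Type: application/x-www-form-urlencoded" \
    --data-urlencode "au_pxytimetag=${au_pxytimetag}" \
    --data-urlencode "uname=${RSAUSER}" \
    --data-urlencode "pwd@-" \
    --data "ok=OK" \
    "${AUTH_SERVER_URL}") \
  || error "Authentication POST failed"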
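# ---- parse response ----
# There is one space difference between "Authentication Failed !" and "Authentication Successful !"
# ESC-OPFW2 Firewall <BR><BR>Authentication Failed !
# ESC-OPFW2 Firewall <BR><BR>Authentication Successful !
#
# \K drops the heading prefix from the reported match. It replaces a lookbehind
# here because a PCRE lookbehind needs a bounded length and ' +' is unbounded.
# '|| true' keeps 'set -e' + pipefail from ending the script when grep finds
# nothing, so the debug branch below stays reachable.
result=$(grep -oP '<H1>ESC-OPFW2 Firewall +<BR><BR>\K[\w !]+(?=</H1>)' <<<"$response" \
  | head -n1) || true

if [[ -z "$result" ]]; then
  # Keep the unparsed page for troubleshooting. umask 077 makes a newly created
  # file readable by its owner only; an existing debug.html keeps its mode.
  (
    umask 077
    printf '%s\n' "$response" > debug.html
  )
  echo "[*] Raw response saved to debug.html"
  error "Could not parse login response"
fi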
# ---- output ----
printf '%s\n' "[*] Server response: $result"
# Case-insensitive search for "success" in the extracted heading text.
# NOTE(review): neither branch sets an exit status, so as far as this listing
# shows the script ends with 0 even when the portal reported a failure;
# wrappers should not rely on the exit code to detect a rejected login.
if grep -iq "success" <<<"$result"; then
  printf '%s\n' "[✓] Authentication successful"
else
  printf '%s\n' "[!] Authentication result unclear or failed"
fi